Sniffing Unix socket

Everyone knows tcpdump. This tools allows you to sniff your network traffic. But how can we sniff on a Unix socket ?

It’s easy with socat.

Install socat :

# apt-get install socat
or
# pkg_add socat

Let’s say that your socket is /tmp/mysocket.sock

Rename your socket:

# mv /tmp/mysocket.sock /tmp/mysocket1.sock

Launch socat:

# socat -t100 -x -v UNIX-LISTEN:/tmp/mysocket.sock,mode=777,reuseaddr,fork UNIX-CONNECT:/tmp/mysocket1.sock

Unix